SB2023120673 - Multiple vulnerabilities in Google Pixel

Description

This security bulletin contains information about 33 secuirty vulnerabilities.

1) Use After Free (CVE-ID: CVE-2023-22383)

The vulnerability allows a local privileged application to execute arbitrary code.

The vulnerability exists due to improper input validation in Camera. A local privileged application can execute arbitrary code.

2) Information exposure (CVE-ID: CVE-2023-48411)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Exynos RIL subcomponent in Pixel. A local application can gain access to sensitive information.

3) Information exposure (CVE-ID: CVE-2023-48412)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the gchips subcomponent in Pixel. A local application can gain access to sensitive information.

4) Information exposure (CVE-ID: CVE-2023-48413)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the exynos-ril subcomponent in Pixel. A local application can gain access to sensitive information.

5) Information exposure (CVE-ID: CVE-2023-48415)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the exynos-ril subcomponent in Pixel. A local application can gain access to sensitive information.

6) Information exposure (CVE-ID: CVE-2023-48422)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the exynos-ril subcomponent in Pixel. A local application can gain access to sensitive information.

7) Improper input validation (CVE-ID: CVE-2023-48416)

The vulnerability allows a local application to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the Modem subcomponent in Pixel. A local application can perform a denial of service (DoS) attack.

8) Use After Free (CVE-ID: CVE-2023-22668)

The vulnerability allows a local privileged application to execute arbitrary code.

The vulnerability exists due to improper input validation in Audio. A local privileged application can execute arbitrary code.

9) Information exposure (CVE-ID: CVE-2023-48404)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the exynos-ril subcomponent in Pixel. A local application can gain access to sensitive information.

10) Use of Out-of-range Pointer Offset (CVE-ID: CVE-2023-28575)

The vulnerability allows a local privileged application to execute arbitrary code.

The vulnerability exists due to improper input validation in Camera Driver. A local privileged application can execute arbitrary code.

11) Buffer overflow (CVE-ID: CVE-2023-28579)

The vulnerability allows a local privileged application to execute arbitrary code.

The vulnerability exists due to improper input validation in WLAN Host. A local privileged application can execute arbitrary code.

12) Buffer overflow (CVE-ID: CVE-2023-28580)

The vulnerability allows a local privileged application to execute arbitrary code.

The vulnerability exists due to improper input validation in WLAN Host. A local privileged application can execute arbitrary code.

13) Memory corruption (CVE-ID: CVE-2023-21634)

The vulnerability allows a local privileged application to execute arbitrary code.

The vulnerability exists due to improper input validation in Radio Interface Layer. A local privileged application can execute arbitrary code.

14) Buffer overflow (CVE-ID: CVE-2023-33024)

The vulnerability allows a local privileged application to execute arbitrary code.

The vulnerability exists due to improper input validation in Radio Interface Layer. A local privileged application can execute arbitrary code.

15) Reachable Assertion (CVE-ID: CVE-2023-33041)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation in WLAN Firmware. A remote attacker can perform a denial of service (DoS) attack.

16) Information exposure (CVE-ID: CVE-2023-48408)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Exynos RIL subcomponent in Pixel. A local application can gain access to sensitive information.

17) Information exposure (CVE-ID: CVE-2023-48403)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Modem subcomponent in Pixel. A local application can gain access to sensitive information.

18) Improper input validation (CVE-ID: CVE-2023-48421)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation within the mali_kbase subcomponent in Kernel components. A local application can execute arbitrary code.

19) Information exposure (CVE-ID: CVE-2023-48410)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Exynos subcomponent in Pixel. A local application can gain access to sensitive information.

20) Improper input validation (CVE-ID: CVE-2023-41111)

The vulnerability allows a remote attacker to execute arbitrary code.

The vulnerability exists due to improper input validation within the ShannonRcs subcomponent in Pixel. A remote attacker can trick the victim to open a specially crafted file and execute arbitrary code.

21) Improper input validation (CVE-ID: CVE-2023-48423)

The vulnerability allows a remote attacker to execute arbitrary code.

The vulnerability exists due to improper input validation within the Exynos subcomponent in Pixel. A remote attacker can trick the victim to open a specially crafted file and execute arbitrary code.

22) Improper input validation (CVE-ID: CVE-2023-48402)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation within the LDFW subcomponent in Pixel. A local application can execute arbitrary code.

23) Improper input validation (CVE-ID: CVE-2023-48405)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation within the LDFW subcomponent in Pixel. A local application can execute arbitrary code.

24) Improper input validation (CVE-ID: CVE-2023-48407)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation within the bootloader subcomponent in Pixel. A local application can execute arbitrary code.

25) Improper input validation (CVE-ID: CVE-2023-48409)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation within the Pixel GPU kernel module subcomponent in Pixel. A local application can execute arbitrary code.

26) Improper input validation (CVE-ID: CVE-2023-37366)

The vulnerability allows a local application to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the Cellular Baseband subcomponent in Pixel. A local application can perform a denial of service (DoS) attack.

27) Information exposure (CVE-ID: CVE-2023-48401)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Exynos RIL subcomponent in Pixel. A local application can gain access to sensitive information.

28) Improper input validation (CVE-ID: CVE-2023-48406)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation within the Modem OTP subcomponent in Pixel. A local application can execute arbitrary code.

29) Improper input validation (CVE-ID: CVE-2023-48414)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation within the Pixel Camera Driver subcomponent in Pixel. A local application can execute arbitrary code.

30) Improper input validation (CVE-ID: CVE-2023-48420)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation within the Camera subcomponent in Pixel. A local application can execute arbitrary code.

31) Information exposure (CVE-ID: CVE-2023-48397)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the exynos-ril subcomponent in Pixel. A local application can gain access to sensitive information.

32) Information exposure (CVE-ID: CVE-2023-48398)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Exynos RIL subcomponent in Pixel. A local application can gain access to sensitive information.

33) Information exposure (CVE-ID: CVE-2023-48399)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Exynos RIL subcomponent in Pixel. A local application can gain access to sensitive information.

Remediation

Install update from vendor's website.

References

• https://source.android.com/docs/security/bulletin/pixel/2023-12-01